More on the CyberComm expansion, criticism

Nearly everyone who follows cyber news was buzzing about the CyberComm expansion, and for good reason. Besides the fact that CyberComm is getting a much deserved boost in manpower, I think those force divisions are a really significant development.  If you don’t know what I’m talking about, take a look at this Washington Post article. 

Before going any further, a few people noted that the expansion is not yet final.  Specifically, John Reed wrote for Foreign Policy on how the expansion is still being kicked around at the highest levels.  Reed quotes an official who says the plan isn’t final, but “[t]here is no doubt that we will expand our cyber forces; everyone is on the same page with that . . . [s]o in concept, yes, we’re expanding it.  Has it happened on paper yet? No.”  Not that I’m some insider, but I’d be pretty confident this expansion is going to go through, although that damn sequester may alter a few things.

Keeping that in mind, I want to get back to those force divisions.  I’m really interested in the “national mission forces,” which Ellen Nakashima (the writer of the WashPo article) explained would “protect computer systems that undergird electrical grids, power plants and other infrastructure deemed critical to national and economic security.”  I believe that division will have the US military playing a larger role in/around private networks, though the DoD may strain to deny it.  If anything, the national mission forces sort of step on DHS’ toes, making us question why we need DHS to do a similar job with even less resources and expertise.  Why spend money building DHS’ cyber capability if CyberComm can do it much better?  And if we’re not spending money on DHS’ cyber capability, why shouldn’t the military one day fill its role?  Jason Healey (of the Atlantic Council) expressed a similar sentiment (and a few others) in a some tweets earlier today.  Ellen Nakashima ended up chiming in.  Both are worth following, FYI.

Confirmation bias yada yada yada, as I wrote in our Year in Review, I think this news portends the US military’s increasing role in cyberspace.  I’m not alone in the sentiment, with a James Lewis Foreign Policy article and a Sean Lawson Forbes article both making the same argument.  To be clear, I would support such an increased role, and while there is reason for concern I believe the privacy fears are overblown.

But see The Guardian’s Glenn Greenwald with a particularly salty article on how the CyberComm expansion is “about everything except defense.”  Wouldn’t you know it, this expansion poses “a wide array of serious threats to internet freedom, privacy, and international law that, as usual, will be conducted with full-scale secrecy and with little to no oversight and accountability.”  Also, “[t]he US isn’t the vulnerable victim of cyber-attacks.”  Sprinkle in repeated use of the phrase fear-mongering, and bam, you’ve just read Greenwald’s article.  While we definitely should criticize some of the alarmist rhetoric coming out of the government (see John Kerry calling hackers a “21st-century nuclear weapons equivalent”), that doesn’t mean there isn’t a cognizable, dangerous threat that is worthy of concern.  By the same token, we should criticize those who claim any reasonable exercise of government power in the area of cybersecurity is some existential threat to our liberty or privacy.  Mr. Greenwald derides US government fear-mongering, but I say pot meet kettle.

Here’s your obligatory CyberComm logo, via Wikimedia.

***

While we’re on the subject, Israel is undergoing a similar cyber expansion; Gwen Ackerman reports for Bloomberg.